Merge pull request #101 from mju-likelion/feature/refactor-token-prov…

…ider-#100 Feature/#100 TokenProvider 클래스 리팩토링
mju-likelion · Sep 13, 2024 · 384b996 · 384b996
2 parents c13409e + edc766f
commit 384b996
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 23 deletions.
diff --git a/src/main/java/com/example/mutsideout_mju/authentication/AuthenticationInterceptor.java b/src/main/java/com/example/mutsideout_mju/authentication/AuthenticationInterceptor.java
@@ -1,22 +1,21 @@
 package com.example.mutsideout_mju.authentication;
 
+import com.example.mutsideout_mju.authentication.token.AccessTokenProvider;
 import com.example.mutsideout_mju.entity.User;
 import com.example.mutsideout_mju.exception.NotFoundException;
 import com.example.mutsideout_mju.exception.errorCode.ErrorCode;
 import com.example.mutsideout_mju.repository.UserRepository;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
 
 import java.io.UnsupportedEncodingException;
 import java.util.UUID;
 
-@Slf4j
-@RequiredArgsConstructor
 @Component
+@RequiredArgsConstructor
 public class AuthenticationInterceptor implements HandlerInterceptor {
     private final UserRepository userRepository;
     private final AuthenticationContext authenticationContext;

diff --git a/...u/authentication/AccessTokenProvider.java → ...entication/token/AccessTokenProvider.java b/...u/authentication/AccessTokenProvider.java → ...entication/token/AccessTokenProvider.java
@@ -1,4 +1,4 @@
-package com.example.mutsideout_mju.authentication;
+package com.example.mutsideout_mju.authentication.token;
 
 import com.example.mutsideout_mju.exception.UnauthorizedException;
 import com.example.mutsideout_mju.exception.errorCode.ErrorCode;
@@ -11,14 +11,15 @@
 import javax.crypto.SecretKey;
 import java.nio.charset.StandardCharsets;
 import java.util.Date;
+
 @Slf4j
 @Component
 public class AccessTokenProvider {
-    private final SecretKey key; // 시크릿 키
-    private final long validityInMilliseconds; // 유효 시간
+    private final SecretKey key; // AccessToken 시크릿 키
+    private final long validityInMilliseconds; // AccessToken 유효 시간
 
-    public AccessTokenProvider(@Value("${security.jwt.token.secret-key}") final String secretKey,
-                               @Value("${security.jwt.token.expire-length}") final long validityInMilliseconds) {
+    public AccessTokenProvider(@Value("${security.jwt.token.secret-access-key}") final String secretKey,
+                               @Value("${security.jwt.token.access-expire-length}") final long validityInMilliseconds) {
         this.key = Keys.hmacShaKeyFor(secretKey.getBytes(StandardCharsets.UTF_8));
         this.validityInMilliseconds = validityInMilliseconds;
     }
@@ -32,20 +33,19 @@ public String createToken(final String payload) {
                 .setSubject(payload)
                 .setIssuedAt(now)
                 .setExpiration(expiration)
-                .signWith(SignatureAlgorithm.HS256, key)
+                .signWith(key, SignatureAlgorithm.HS256)
                 .compact();
     }
 
     // 정보 추출
     public String getPayload(final String token) {
         try {
-            String payload = Jwts.parserBuilder()
+            return Jwts.parserBuilder()
                     .setSigningKey(key)
                     .build()
                     .parseClaimsJws(token)
                     .getBody()
                     .getSubject();
-            return payload;
         } catch (JwtException e) {
             throw new UnauthorizedException(ErrorCode.INVALID_TOKEN, e.getMessage());
         }

diff --git a/.../authentication/RefreshTokenProvider.java → ...ntication/token/RefreshTokenProvider.java b/.../authentication/RefreshTokenProvider.java → ...ntication/token/RefreshTokenProvider.java
@@ -1,4 +1,4 @@
-package com.example.mutsideout_mju.authentication;
+package com.example.mutsideout_mju.authentication.token;
 
 import javax.crypto.SecretKey;
 
@@ -8,31 +8,30 @@
 import io.jsonwebtoken.security.Keys;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
+
 import java.nio.charset.StandardCharsets;
-import java.time.Duration;
 import java.util.Date;
 
 @Component
 public class RefreshTokenProvider {
-    // JwtTokenProvider 키와 다른 키 사용.
-    private final SecretKey key; // 시크릿 키
-    private final long validityInMilliseconds; // 유효 시간
+    private final SecretKey key; // RefreshToken 시크릿 키
+    private final long validityInMilliseconds; // RefreshToken 유효 시간
 
     public RefreshTokenProvider(@Value("${security.jwt.token.secret-refresh-key}") final String secretKey,
-                            @Value("${security.jwt.token.expire-length}") final long validityInMilliseconds) {
+                                @Value("${security.jwt.token.refresh-expire-length}") final long validityInMilliseconds) {
         this.key = Keys.hmacShaKeyFor(secretKey.getBytes(StandardCharsets.UTF_8));
         this.validityInMilliseconds = validityInMilliseconds;
     }
 
     // RefreshToken 생성
     public String createRefreshToken() {
         Date now = new Date();
-        Date validity = new Date(now.getTime() + Duration.ofDays(14).toMillis());
+        Date validity = new Date(now.getTime() + validityInMilliseconds);
 
         return Jwts.builder()
                 .setIssuedAt(now)
                 .setExpiration(validity)
-                .signWith(SignatureAlgorithm.HS256, key)
+                .signWith(key, SignatureAlgorithm.HS256)
                 .compact();
     }
 

diff --git a/src/main/java/com/example/mutsideout_mju/service/AuthService.java b/src/main/java/com/example/mutsideout_mju/service/AuthService.java
@@ -1,8 +1,8 @@
 package com.example.mutsideout_mju.service;
 
-import com.example.mutsideout_mju.authentication.AccessTokenProvider;
+import com.example.mutsideout_mju.authentication.token.AccessTokenProvider;
 import com.example.mutsideout_mju.authentication.PasswordHashEncryption;
-import com.example.mutsideout_mju.authentication.RefreshTokenProvider;
+import com.example.mutsideout_mju.authentication.token.RefreshTokenProvider;
 import com.example.mutsideout_mju.dto.request.auth.LoginDto;
 import com.example.mutsideout_mju.dto.request.auth.SignupDto;
 import com.example.mutsideout_mju.dto.response.token.TokenResponseDto;

diff --git a/src/main/java/com/example/mutsideout_mju/service/CookieService.java b/src/main/java/com/example/mutsideout_mju/service/CookieService.java
@@ -1,22 +1,22 @@
 package com.example.mutsideout_mju.service;
 
 import com.example.mutsideout_mju.authentication.AuthenticationExtractor;
-import com.example.mutsideout_mju.authentication.RefreshTokenProvider;
+import com.example.mutsideout_mju.authentication.token.RefreshTokenProvider;
 import com.example.mutsideout_mju.entity.RefreshToken;
 import com.example.mutsideout_mju.exception.NotFoundException;
 import com.example.mutsideout_mju.exception.UnauthorizedException;
 import com.example.mutsideout_mju.exception.errorCode.ErrorCode;
 import com.example.mutsideout_mju.repository.RefreshTokenRepository;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.AllArgsConstructor;
-import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseCookie;
 import org.springframework.stereotype.Service;
 
 import java.time.Duration;
 @Service
 @AllArgsConstructor
 public class CookieService {
+
     private final RefreshTokenProvider refreshTokenProvider;
     private final RefreshTokenRepository refreshTokenRepository;
     public void setCookie(HttpServletResponse response, String accessToken) {